class ApoController < ApplicationController

  def login
      if request.post?
        @member = Member.authenticate(params[:username], params[:password])
        if @member.nil?
          flash[:warning] = "Invalid username or password"
          redirect_to :action => "login"
        elsif @member.deleted?
          flash[:warning] = "You do not have permission to login. Please contact membership@apouiuc.com"
          redirect_to :action => "login"
        else
          session[:user] = @member
          redirect_to :controller => "apo", :action => "home"
        end
      end
  end

  def home
    @member = Member.find_by_id(session[:user])
    @memberData = Member.getData(@member, Event.getCurrentSemester)
    @srcToggle = Toggle.find_by_name("SRC").enabled
		@events = Event.find_by_sql("SELECT `events`.`id`, `events`.`date`, `events`.`name`, `attendance_records`.`waitlist` FROM `events` INNER JOIN `attendance_records` ON `events`.`id` = `attendance_records`.`event_id` INNER JOIN `members` ON `attendance_records`.`member_id` = `members`.`id` WHERE `events`.`deleted` = 0 AND `events`.`semester_index` = #{Event.getCurrentSemester} AND `members`.`id` = #{@member.id} AND `attendance_records`.`waitlist` = 0 AND `events`.`event_type` <> 'Dues' AND `events`.`event_type` <> 'Dues (late)' AND `events`.`event_type` <> 'Committee' ORDER BY `events`.`date` DESC")
		
		expire_fragment %r(apo/home\?action_suffix=birthday_.*) unless fragment_exist? :action => :home, :action_suffix => "birthday_#{Date.today}"
  end

  def logout
    reset_session
    redirect_to :action => "login"
  end

  def reset_password
    @member = Member.find_by_username(params[:netid])
    if @member.nil?
      flash[:warning] = "No such NetID exists!"
      render :action => "reset"
    else
      @newPassword = (0...8).map{ ('a'..'z').to_a[rand(26)] }.join
      @member.password = Member.hash_password(@newPassword)
      @member.save
      if @member.email.nil? or @member.email == ""
        @email = @member.username + "@illinois.edu"
      else
        @email = @member.email
      end
      flash[:notice] = "Your new password has been sent to #{@email}."
      Emailer.deliver_password(@newPassword, @email, @member.first_name)
      redirect_to :action => "reset"
    end
  end

  def download_application
    #locally
    #send_file '../files/umoc.doc', :type => 'application/msword'

    #remotely
    send_file "#{RAILS_ROOT}/public/files/umoc.doc", :type => 'application/msword', :disposition => 'attachment'

    #redirect_to :action => "umoc"
  end

  def name_select_show
    # Handle middle names
    names = params[:member][:name].split()
    @member = Member.find_by_first_name_and_last_name(names[0], names[1..-1].join(' '))
    if @member.nil?
      @member = Member.find_by_first_name_and_last_name(names[0..-2].join(' '), names[-1])
    end

    if !@member.nil?
      @memberData = Member.getData(@member, Event.getCurrentSemester)
      redirect_to :controller => "members", :action => "show", :id => @member
    else
      flash[:error] = "Member: #{params[:member][:name]} not found!"
      @member = session[:user]
      redirect_to :back
    end
  end

  def auto_complete_for_member_name
    search = params[:member][:name]
    @members = Member.find(:all, :conditions => ["deleted = FALSE AND (first_name LIKE ? OR last_name LIKE ?)", search+'%', search+'%']) unless search.blank?
    render :partial => "members/search"
  end

  def post_admin
    if Member.find(params[:member_id]).admin?
      announcement = Announcement.new
      announcement.admin = true
      announcement.message = params[:message]
      announcement.member_id = params[:member_id]
      announcement.save
    else
      flash[:error] = "You are not allowed to do that!"
    end

    redirect_to :action => "home"
  end

  def post_member
    announcement = Announcement.new
    announcement.admin = false
    announcement.message = params[:message]
    announcement.member_id = params[:member_id]
    announcement.save

    redirect_to :action => "home"
  end

  def delete_post
    announcement = Announcement.find(params[:id])
    announcement.destroy

    redirect_to :action => "home"
  end

end
